3ed2f2b13b855cf6e6909d09bcdfb930_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3ed2f2b13b855cf6e6909d09bcdfb930_JaffaCakes118
Size

175KB
MD5

3ed2f2b13b855cf6e6909d09bcdfb930
SHA1

7a89eb6be366fa15bc94ef7e43d1dc41d01a3b47
SHA256

e706a27c8befbc22029aa2f33c5f8c51be52a42c05cdf414d06633e6ae153c6a
SHA512

3a50266edb850f264a05d4dcd1b65839e3f9ff4c4948a519081765f67f9c25959405226fb3d6236b5f5cce464078ef1a5b9aa0fbd3cc3e505c505bca85a23364
SSDEEP

3072:LXpnGI9NAlzZsAKEJgf4U3r9Ui9NuOVCSEAOlfPTsrcbEv2NmDxylGdkS50B4:LZ99NAltsAKEjUJUiLuOVPOlfPwhvym2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ed2f2b13b855cf6e6909d09bcdfb930_JaffaCakes118

Files

3ed2f2b13b855cf6e6909d09bcdfb930_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e54d128b5eb61a496d8402da8546b359

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AllocateAndInitializeSid
CloseServiceHandle
LockServiceDatabase
RegCloseKey
RegDeleteKeyA
RegEnumValueA
RegQueryValueExA
StartServiceCtrlDispatcherA

kernel32

CompareStringA
CopyFileA
CreateEventA
CreateFileMappingA
CreateMutexA
CreateProcessA
CreateThread
DeleteCriticalSection
DisableThreadLibraryCalls
EnterCriticalSection
ExitProcess
FindFirstFileA
FlushFileBuffers
FreeEnvironmentStringsA
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetExitCodeProcess
GetFileTime
GetFileType
GetLastError
GetLocaleInfoA
GetOEMCP
GetPrivateProfileSectionA
GetPrivateProfileStringA
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStringTypeA
GetSystemInfo
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
GetThreadLocale
GetThreadTimes
GetTickCount
GetUserDefaultLCID
GetVersionExA
GetWindowsDirectoryA
GlobalAlloc
GlobalLock
HeapAlloc
HeapCreate
HeapDestroy
HeapReAlloc
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadCodePtr
IsBadReadPtr
IsDebuggerPresent
IsValidCodePage
IsValidLocale
LeaveCriticalSection
LoadResource
LocalAlloc
LocalFree
LockResource
Module32First
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
ReadFile
ReadProcessMemory
ReleaseMutex
RemoveDirectoryA
SetEnvironmentVariableA
SetErrorMode
SetLastError
SetPriorityClass
SetThreadPriority
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualProtect
WriteConsoleA
lstrcatA
lstrcpynA

user32

CharNextA
CharPrevA
CharUpperA
CheckDlgButton
ClientToScreen
DestroyWindow
EnumChildWindows
FindWindowA
GetClientRect
GetDC
GetDlgItemTextA
GetFocus
GetMessagePos
GetSysColor
GetSystemMenu
GetWindow
GetWindowLongA
IsDlgButtonChecked
LoadBitmapA
MessageBoxA
MoveWindow
RegisterClassA
RegisterClassExA
ReleaseCapture
SetCapture
SetDlgItemTextA
SetWindowTextA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.INIT
Size: 136KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e54d128b5eb61a496d8402da8546b359

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

Sections

.text Size: 17KB - Virtual size: 20KB

.INIT Size: 136KB - Virtual size: 332KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 4KB

.edata Size: 15KB - Virtual size: 16KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 17KB - Virtual size: 20KB

.INIT
Size: 136KB - Virtual size: 332KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 15KB - Virtual size: 16KB

.rsrc
Size: 1024B - Virtual size: 4KB